I need to stablish a connection from JIRA with an external application via SSL.
The error received is : "The server 'https://greenhopper-dev.app.alcatel-lucent.com:443' is not reachable: javax.net.ssl.SSLException: java.security.cert.CertificateException: No name matching greenhopper-dev.app.alcatel-lucent.com found"
It seems like the server is not include in the certificates file /opt/atlassian/jira/jre/lib/security/cacerts, but the server is reachable via command line interface pointing to the same file .
> java -Djavax.net.ssl.trustStore="/opt/atlassian/jira/jre/lib/security/cacerts" SSLPoke greenhopper-dev.app.alcatel-lucent.com 443
Successfully connected
The option "-Djavax.net.ssl.trustStore="/opt/atlassian/jira/jre/lib/security/cacerts" " is include in the file setenv.sh and so ,is included in the variable JAVA_OPTS when jira starts.
please, any idea about why is failing the SSL connection?
Best regards
Jorge Sanchez
The cacerts file is owned and accesible to the JIRA service.
Is the cacerts file owned by and accessible to the user running the JIRA service?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes. The cacerts file is accesible to the user running the JIRA service
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That is odd, I cannot see a single thing that might even be wrong with this.
I would check the running system as below and check the -D appears in there (it does not in mine, I've got a single key for a different reason)
ps -ef | grep -i jira
nic 10681 10666 0 18:41 pts/0 00:00:00 grep -i jira
charlie 14058 1 0 Jul02 ? 01:18:21 /opt/jira-7.1/jre//bin/java -Djava.util.logging.config.file=/opt/jira-7.1/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Xms384m -Xmx1520m -Djava.awt.headless=true -Datlassian.standalone=JIRA -Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true -Dmail.mime.decodeparameters=true -Dorg.dom4j.factory=com.atlassian.core.xml.InterningDocumentFactory -Djavax.net.debug=ssl -Djavax.net.debug=all -Djavax.net.ssl.keyStoreType=pkcs12 -Djavax.net.ssl.keyStore=/home/charlie/.certs/atlasclient.p12 -Djavax.net.ssl.keyStorePassword=***************** -XX:+PrintGCDateStamps -XX:-OmitStackTraceInFastThrow -Djava.endorsed.dirs=/opt/jira-7.1/endorsed -classpath /opt/jira-7.1/bin/bootstrap.jar:/opt/jira-7.1/bin/tomcat-juli.jar -Dcatalina.base=/opt/jira-7.1 -Dcatalina.home=/opt/jira-7.1 -Djava.io.tmpdir=/opt/jira-7.1/temp org.apache.catalina.startup.Bootstrap start
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.